Results 1 to 3 of 3

Thread: Smitfraud-C.CoreService

  1. #1
    Junior Member flycrj200's Avatar
    Join Date
    Oct 2008
    Posts
    1

    Default Smitfraud-C.CoreService

    Hi:
    I’m very new at this and not sure what to do. My computer is infected with Smitfraud-C.CoreService. I ran Spybot several times but was not able to remove it. It was suggested that I post on this forum to get help on how to remove the Malware. Any help will be appreciated.
    Hint of the Day: Click the bar at the right of this to see more information! ()


    I-Won: [SBI $95D04353] IE start page (Registry change, nothing done)
    HKEY_USERSS-1-5-21-790965890-4193796728-1977230260-1000\Software\Microsoft\Internet Explorer\Main\Start Page=about:blank

    Smitfraud-C.CoreService: [SBI $9C656B9A] Data (File, nothing done)
    C:\Windows\System32\drivers\core.cache.dsk

    DoubleClick: Tracking cookie (Internet Explorer: office depot) (Cookie, nothing done)



    --- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

    2008-07-07 blindman.exe (1.0.0.8)
    2008-07-07 SDFiles.exe (1.6.0.4)
    2008-07-07 SDMain.exe (1.0.0.6)
    2008-07-07 SDShred.exe (1.0.2.3)
    2008-07-07 SDUpdate.exe (1.6.0.8)
    2008-07-07 SDWinSec.exe (1.0.0.12)
    2008-07-07 SpybotSD.exe (1.6.0.30)
    2008-07-07 TeaTimer.exe (1.6.0.20)
    2008-10-05 unins000.exe (51.49.0.0)
    2008-07-07 Update.exe (1.6.0.7)
    2008-07-07 advcheck.dll (1.6.1.12)
    2007-04-02 aports.dll (2.1.0.0)
    2008-06-14 DelZip179.dll (1.79.11.1)
    2008-07-07 SDHelper.dll (1.6.0.12)
    2008-06-19 sqlite3.dll
    2008-07-07 Tools.dll (2.1.5.7)
    2008-09-02 Includes\Adware.sbi (*)
    2008-09-09 Includes\AdwareC.sbi (*)
    2008-06-03 Includes\Cookies.sbi (*)
    2008-09-02 Includes\Dialer.sbi (*)
    2008-09-09 Includes\DialerC.sbi (*)
    2008-07-23 Includes\HeavyDuty.sbi (*)
    2008-09-02 Includes\Hijackers.sbi (*)
    2008-09-02 Includes\HijackersC.sbi (*)
    2008-09-09 Includes\Keyloggers.sbi (*)
    2008-09-30 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2008-09-09 Includes\Malware.sbi (*)
    2008-09-30 Includes\MalwareC.sbi (*)
    2008-09-02 Includes\PUPS.sbi (*)
    2008-09-11 Includes\PUPSC.sbi (*)
    2007-11-07 Includes\Revision.sbi (*)
    2008-06-18 Includes\Security.sbi (*)
    2008-09-30 Includes\SecurityC.sbi (*)
    2008-06-03 Includes\Spybots.sbi (*)
    2008-06-03 Includes\SpybotsC.sbi (*)
    2008-09-09 Includes\Spyware.sbi (*)
    2008-09-23 Includes\SpywareC.sbi (*)
    2008-06-03 Includes\Tracks.uti
    2008-09-30 Includes\Trojans.sbi (*)
    2008-09-30 Includes\TrojansC.sbi (*)
    2008-03-04 Plugins\Chai.dll
    2008-03-05 Plugins\Fennel.dll
    2008-02-26 Plugins\Mate.dll
    2007-12-24 Plugins\TCPIPAddress.dll
    Omar D.

  2. #2
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Hi flycrj200

    Click here to download HJTInstall.exe
    • Save HJTInstall.exe to your desktop.
    • Doubleclick on the HJTInstall.exe icon on your desktop.
    • By default it will install to C:\Program Files\Trend Micro\HijackThis .
    • Click on Install.
    • It will create a HijackThis icon on the desktop.
    • Once installed, it will launch Hijackthis.
    • Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
    • Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
    • Come back here to this thread and Paste the log in your next reply.
    • DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
    • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #3
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Due to the lack of feedback this Topic is closed.

    If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than five days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

    Everyone else please begin a New Topic.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •